Patching OpenSSL due to Heartbleed

A recent critical security vulnerability in the OpenSSL implementation (CVE-2014-0160, also known as “Heartbleed”) affects recent versions of Ubuntu.

It’s a good time to update your linux. =)

sudo apt-get update
sudo apt-get upgrade

Then check your Openssl version.

openssl version

If you see OpenSSL 1.0.1g 7 Apr 2014, then you are good now, stop and go get a beer.

If you see OpenSSL 1.0.1 14 Mar 2012, double check by issuing:

dpkg -l | grep ' openssl '

If you see 1.0.1-4ubuntu5.12, then you are good, get some beer now.

And yes, since some of your long-running processes may be using the old openssl, the safest thing is to reboot as well.

sudo reboot

Ref: http://askubuntu.com/questions/444702/how-to-patch-the-heartbleed-bug-cve-2014-0160-in-openssl, http://askubuntu.com/questions/444702/how-to-patch-the-heartbleed-bug-cve-2014-0160-in-openssl/444829#444829

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s